{"id":1978,"date":"2013-07-26T09:36:30","date_gmt":"2013-07-26T09:36:30","guid":{"rendered":"http:\/\/webkul.com\/blog\/?p=1978"},"modified":"2013-09-11T04:17:22","modified_gmt":"2013-09-11T04:17:22","slug":"magento-admin-url-routing","status":"publish","type":"post","link":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/","title":{"rendered":"Magento Admin URL Routing"},"content":{"rendered":"

\"Url<\/a><\/p>\n

Magento Admin URL Routing –\u00a0<\/strong>During the best marketplace<\/strong><\/a> module development in magento we have investigated security in a very deep sense . There is a lot of fuss why magento adds key<\/strong> in every admin url or magento custom module ? \u00a0here is the complete explanation of the magento URL routing and custom \u00a0module URL key addition .<\/p>\n

Why there is a need for magento admin URL key ?\u00a0<\/strong>This is really important from point of view of security , magento key is a nonce<\/strong><\/a>\u00a0 which will protect the system with the CSRF<\/strong><\/a> attacks . have a look at magento admin module url example<\/p>\n

http:\/\/magento.webkul.com\/Marketplace\/index.php\/marketplacepartner\/products\/index\/key\/bef2f86b1333fff53esssdb7d7bf7f84ac\/<\/p>\n

as you can see here \/key\/bef2f86b1333fff53esssdb7d7bf7f84ac\/\u00a0<\/strong>is a nonce which will be added to module index controller automatically<\/p>\n

\"magenti<\/a><\/p>\n

 <\/p>\n

if you will remove the key and then enter the url then it will redirect to main magento dashbaord controller. Every url have different and its own nonce .<\/p>\n

under system config of the magento these secret kets can be hide . you need to just disable it from magento system configuration<\/p>\n

secret keys can be obtain for a particular module case<\/p>\n

<?php \r\n      $key = Mage::getSingleton('adminhtml\/url')\r\n             ->getSecretKey(\"webkul_modulename\/index\/\",\"index\"); \r\n ?><\/pre>\n
as webkul here is namespace and modulename is module name of custom module e.g marketplace<\/p>\n","protected":false},"excerpt":{"rendered":"
Magento Admin URL Routing –\u00a0During the best marketplace module development in magento we have investigated security in a very deep sense . There is a lot of fuss why magento adds key in every admin url or magento custom module ? \u00a0here is the complete explanation of the magento URL routing and custom \u00a0module URL […]<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[357,2056,356,19,355],"class_list":["post-1978","post","type-post","status-publish","format-standard","hentry","category-magento","tag-csrf","tag-magento","tag-nonce","tag-security","tag-url"],"yoast_head":"\nMagento Admin URL Routing - Webkul Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Magento Admin URL Routing - Webkul Blog\" \/>\n<meta property=\"og:description\" content=\"Magento Admin URL Routing –\u00a0During the best marketplace module development in magento we have investigated security in a very deep sense . There is a lot of fuss why magento adds key in every admin url or magento custom module ? \u00a0here is the complete explanation of the magento URL routing and custom \u00a0module URL [...]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/\" \/>\n<meta property=\"og:site_name\" content=\"Webkul Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/webkul\/\" \/>\n<meta property=\"article:author\" content=\"http:\/\/facebook.com\/webkul\" \/>\n<meta property=\"article:published_time\" content=\"2013-07-26T09:36:30+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2013-09-11T04:17:22+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/webkul.com\/blog\/wp-content\/uploads\/2013\/07\/Url-routing-banner.jpg\" \/>\n<meta name=\"author\" content=\"Vipin Sahu\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/vipinsahu\" \/>\n<meta name=\"twitter:site\" content=\"@webkul\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Vipin Sahu\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/\"},\"author\":{\"name\":\"Vipin Sahu\",\"@id\":\"https:\/\/webkul.com\/blog\/#\/schema\/person\/8ed13bf168e6e8fe92fe499c470111f1\"},\"headline\":\"Magento Admin URL Routing\",\"datePublished\":\"2013-07-26T09:36:30+00:00\",\"dateModified\":\"2013-09-11T04:17:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/\"},\"wordCount\":227,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/webkul.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/webkul.com\/blog\/wp-content\/uploads\/2013\/07\/Url-routing-banner.jpg\",\"keywords\":[\"csrf\",\"magento\",\"nonce\",\"security\",\"url\"],\"articleSection\":[\"magento\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/\",\"url\":\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/\",\"name\":\"Magento Admin URL Routing - Webkul Blog\",\"isPartOf\":{\"@id\":\"https:\/\/webkul.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/webkul.com\/blog\/wp-content\/uploads\/2013\/07\/Url-routing-banner.jpg\",\"datePublished\":\"2013-07-26T09:36:30+00:00\",\"dateModified\":\"2013-09-11T04:17:22+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#primaryimage\",\"url\":\"http:\/\/webkul.com\/blog\/wp-content\/uploads\/2013\/07\/Url-routing-banner.jpg\",\"contentUrl\":\"http:\/\/webkul.com\/blog\/wp-content\/uploads\/2013\/07\/Url-routing-banner.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/webkul.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Magento Admin URL Routing\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/webkul.com\/blog\/#website\",\"url\":\"https:\/\/webkul.com\/blog\/\",\"name\":\"Webkul Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/webkul.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/webkul.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/webkul.com\/blog\/#organization\",\"name\":\"WebKul Software Private Limited\",\"url\":\"https:\/\/webkul.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/webkul.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/08\/webkul-logo-accent-sq.png\",\"contentUrl\":\"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/08\/webkul-logo-accent-sq.png\",\"width\":380,\"height\":380,\"caption\":\"WebKul Software Private Limited\"},\"image\":{\"@id\":\"https:\/\/webkul.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/webkul\/\",\"https:\/\/x.com\/webkul\",\"https:\/\/www.instagram.com\/webkul\/\",\"https:\/\/www.linkedin.com\/company\/webkul\",\"https:\/\/www.youtube.com\/user\/webkul\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/webkul.com\/blog\/#\/schema\/person\/8ed13bf168e6e8fe92fe499c470111f1\",\"name\":\"Vipin Sahu\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/webkul.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/98597dd669d66735fc160e891e1207c749a444ebea1b172de18a92f1435045c0?s=96&d=https%3A%2F%2Fcdnblog.webkul.com%2Fblog%2Fwp-content%2Fuploads%2F2019%2F10%2Fmike.png&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/98597dd669d66735fc160e891e1207c749a444ebea1b172de18a92f1435045c0?s=96&d=https%3A%2F%2Fcdnblog.webkul.com%2Fblog%2Fwp-content%2Fuploads%2F2019%2F10%2Fmike.png&r=g\",\"caption\":\"Vipin Sahu\"},\"description\":\"Executionist and Hardcore Planner to drive out best of the best. Want to boost up the E-Commerce industry with his concoct conception.\",\"sameAs\":[\"http:\/\/webkul.com\",\"http:\/\/facebook.com\/webkul\",\"https:\/\/x.com\/https:\/\/twitter.com\/vipinsahu\"],\"url\":\"https:\/\/webkul.com\/blog\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Magento Admin URL Routing - Webkul Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/","og_locale":"en_US","og_type":"article","og_title":"Magento Admin URL Routing - Webkul Blog","og_description":"Magento Admin URL Routing –\u00a0During the best marketplace module development in magento we have investigated security in a very deep sense . There is a lot of fuss why magento adds key in every admin url or magento custom module ? \u00a0here is the complete explanation of the magento URL routing and custom \u00a0module URL [...]","og_url":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/","og_site_name":"Webkul Blog","article_publisher":"https:\/\/www.facebook.com\/webkul\/","article_author":"http:\/\/facebook.com\/webkul","article_published_time":"2013-07-26T09:36:30+00:00","article_modified_time":"2013-09-11T04:17:22+00:00","og_image":[{"url":"http:\/\/webkul.com\/blog\/wp-content\/uploads\/2013\/07\/Url-routing-banner.jpg","type":"","width":"","height":""}],"author":"Vipin Sahu","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/vipinsahu","twitter_site":"@webkul","twitter_misc":{"Written by":"Vipin Sahu","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#article","isPartOf":{"@id":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/"},"author":{"name":"Vipin Sahu","@id":"https:\/\/webkul.com\/blog\/#\/schema\/person\/8ed13bf168e6e8fe92fe499c470111f1"},"headline":"Magento Admin URL Routing","datePublished":"2013-07-26T09:36:30+00:00","dateModified":"2013-09-11T04:17:22+00:00","mainEntityOfPage":{"@id":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/"},"wordCount":227,"commentCount":0,"publisher":{"@id":"https:\/\/webkul.com\/blog\/#organization"},"image":{"@id":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#primaryimage"},"thumbnailUrl":"http:\/\/webkul.com\/blog\/wp-content\/uploads\/2013\/07\/Url-routing-banner.jpg","keywords":["csrf","magento","nonce","security","url"],"articleSection":["magento"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/","url":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/","name":"Magento Admin URL Routing - Webkul Blog","isPartOf":{"@id":"https:\/\/webkul.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#primaryimage"},"image":{"@id":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#primaryimage"},"thumbnailUrl":"http:\/\/webkul.com\/blog\/wp-content\/uploads\/2013\/07\/Url-routing-banner.jpg","datePublished":"2013-07-26T09:36:30+00:00","dateModified":"2013-09-11T04:17:22+00:00","breadcrumb":{"@id":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/webkul.com\/blog\/magento-admin-url-routing\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#primaryimage","url":"http:\/\/webkul.com\/blog\/wp-content\/uploads\/2013\/07\/Url-routing-banner.jpg","contentUrl":"http:\/\/webkul.com\/blog\/wp-content\/uploads\/2013\/07\/Url-routing-banner.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/webkul.com\/blog\/magento-admin-url-routing\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/webkul.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Magento Admin URL Routing"}]},{"@type":"WebSite","@id":"https:\/\/webkul.com\/blog\/#website","url":"https:\/\/webkul.com\/blog\/","name":"Webkul Blog","description":"","publisher":{"@id":"https:\/\/webkul.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/webkul.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/webkul.com\/blog\/#organization","name":"WebKul Software Private Limited","url":"https:\/\/webkul.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/webkul.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/08\/webkul-logo-accent-sq.png","contentUrl":"https:\/\/cdnblog.webkul.com\/blog\/wp-content\/uploads\/2021\/08\/webkul-logo-accent-sq.png","width":380,"height":380,"caption":"WebKul Software Private Limited"},"image":{"@id":"https:\/\/webkul.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/webkul\/","https:\/\/x.com\/webkul","https:\/\/www.instagram.com\/webkul\/","https:\/\/www.linkedin.com\/company\/webkul","https:\/\/www.youtube.com\/user\/webkul\/"]},{"@type":"Person","@id":"https:\/\/webkul.com\/blog\/#\/schema\/person\/8ed13bf168e6e8fe92fe499c470111f1","name":"Vipin Sahu","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/webkul.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/98597dd669d66735fc160e891e1207c749a444ebea1b172de18a92f1435045c0?s=96&d=https%3A%2F%2Fcdnblog.webkul.com%2Fblog%2Fwp-content%2Fuploads%2F2019%2F10%2Fmike.png&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/98597dd669d66735fc160e891e1207c749a444ebea1b172de18a92f1435045c0?s=96&d=https%3A%2F%2Fcdnblog.webkul.com%2Fblog%2Fwp-content%2Fuploads%2F2019%2F10%2Fmike.png&r=g","caption":"Vipin Sahu"},"description":"Executionist and Hardcore Planner to drive out best of the best. Want to boost up the E-Commerce industry with his concoct conception.","sameAs":["http:\/\/webkul.com","http:\/\/facebook.com\/webkul","https:\/\/x.com\/https:\/\/twitter.com\/vipinsahu"],"url":"https:\/\/webkul.com\/blog\/author\/admin\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/posts\/1978","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/comments?post=1978"}],"version-history":[{"count":1,"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/posts\/1978\/revisions"}],"predecessor-version":[{"id":1981,"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/posts\/1978\/revisions\/1981"}],"wp:attachment":[{"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/media?parent=1978"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/categories?post=1978"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webkul.com\/blog\/wp-json\/wp\/v2\/tags?post=1978"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}